ClawHub
Back to skill

Security audit

FreeLattice Skill Builder

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow helper for drafting FreeLattice skill fields and optional package files, with no hidden code, credentials, or network behavior found.

Reasonable to install. Before importing any generated package, review the generated skill.json, README.md, zip contents, and especially the generated system prompt. Avoid including secrets or sensitive account details in skill fields because those values may be written into package files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.